575f63b628e10d004116ed682c80f5634e4c481be34e51912862bb88abcf2d5e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c0077c3d45c9043427b71503aa01b1d5
Size

446KB
Sample

240311-grbm1adh2w
MD5

c0077c3d45c9043427b71503aa01b1d5
SHA1

04b094da36c684a13b3807b1eb309a33d13c5a49
SHA256

575f63b628e10d004116ed682c80f5634e4c481be34e51912862bb88abcf2d5e
SHA512

cd99a89249aab8f065977d3ed5973c1b0c3d64ab684177addc4ff977ce27cc82ad7410c08f1baa24acb808b1d315219a3573296f712f7aaabee499e4d50f4635
SSDEEP

12288:cA2yohgB7VJVYtVH0teWBJFCSY8r4/XxmvBFW1/mrw1:cA2rhgRVYDUtxB678r4/xEFW1/Cw1

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  c0077c3d45c9043427b71503aa01b1d5
- Size
  
  446KB
- MD5
  
  c0077c3d45c9043427b71503aa01b1d5
- SHA1
  
  04b094da36c684a13b3807b1eb309a33d13c5a49
- SHA256
  
  575f63b628e10d004116ed682c80f5634e4c481be34e51912862bb88abcf2d5e
- SHA512
  
  cd99a89249aab8f065977d3ed5973c1b0c3d64ab684177addc4ff977ce27cc82ad7410c08f1baa24acb808b1d315219a3573296f712f7aaabee499e4d50f4635
- SSDEEP
  
  12288:cA2yohgB7VJVYtVH0teWBJFCSY8r4/XxmvBFW1/mrw1:cA2rhgRVYDUtxB678r4/xEFW1/Cw1
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2